diff --git a/Cargo.lock b/Cargo.lock
index b63cf841..2a569654 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -10129,6 +10129,13 @@ dependencies = [ "static_assertions", ] +[[package]] +name = "zalloc" +version = "0.1.0" +dependencies = [ + "zeroize", +] + [[package]] name = "zeroize" version = "1.5.7"
diff --git a/Cargo.toml b/Cargo.toml
index 053621de..a391d54d 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,5 +1,7 @@ [workspace] members = [ + "common/zalloc", + "crypto/transcript", "crypto/dalek-ff-group",
diff --git a/common/zalloc/Cargo.toml b/common/zalloc/Cargo.toml
new file mode 100644
index 00000000..780e6b20
--- /dev/null
+++ b/common/zalloc/Cargo.toml
@@ -0,0 +1,19 @@
+[package]
+name = "zalloc"
+version = "0.1.0"
+description = "An allocator wrapper which zeroizes memory on dealloc"
+license = "MIT"
+repository = "https://github.com/serai-dex/serai/tree/develop/common/zalloc"
+authors = ["Luke Parker "]
+keywords = []
+edition = "2021"
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
+[dependencies]
+zeroize = "1.5"
+
+[features]
+allocator = []
diff --git a/common/zalloc/LICENSE b/common/zalloc/LICENSE
new file mode 100644
index 00000000..f05b748b
--- /dev/null
+++ b/common/zalloc/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Luke Parker
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/common/zalloc/src/lib.rs b/common/zalloc/src/lib.rs
new file mode 100644
index 00000000..0e4c1f75
--- /dev/null
+++ b/common/zalloc/src/lib.rs
@@ -0,0 +1,46 @@
+#![cfg_attr(docsrs, feature(doc_cfg))]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+#![cfg_attr(feature = "allocator", feature(allocator_api))]
+
+//! Implementation of a Zeroizing Allocator, enabling zeroizing memory on deallocation.
+//! This can either be used with Box (requires nightly and the "allocator" feature) to provide the
+//! functionality of zeroize on types which don't implement zeroize, or used as a wrapper around
+//! the global allocator to ensure *all* memory is zeroized.
+
+use core::{
+ slice,
+ alloc::{Layout, GlobalAlloc},
+};
+
+use zeroize::Zeroize;
+
+/// An allocator wrapper which zeroizes its memory on dealloc.
+pub struct ZeroizingAlloc(pub T);
+
+#[cfg(feature = "allocator")]
+use core::{
+ ptr::NonNull,
+ alloc::{AllocError, Allocator},
+};
+#[cfg(feature = "allocator")]
+unsafe impl Allocator for ZeroizingAlloc {
+ fn allocate(&self, layout: Layout) -> Result, AllocError> {
+ self.0.allocate(layout)
+ }
+
+ unsafe fn deallocate(&self, mut ptr: NonNull, layout: Layout) {
+ slice::from_raw_parts_mut(ptr.as_mut(), layout.size()).zeroize();
+ self.0.deallocate(ptr, layout);
+ }
+}
+
+unsafe impl GlobalAlloc for ZeroizingAlloc {
+ unsafe fn alloc(&self, layout: Layout) -> *mut u8 {
+ self.0.alloc(layout)
+ }
+
+ unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {
+ slice::from_raw_parts_mut(ptr, layout.size()).zeroize();
+ self.0.dealloc(ptr, layout);
+ }
+}
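Review bot: Neither impl overrides the resize methods, so wiping the old block when a buffer grows or shrinks depends on the trait defaults (`GlobalAlloc::realloc`, `Allocator::grow`/`shrink`) allocating a new block and then calling this wrapper's `dealloc`/`deallocate`; nothing in the file records that, and a later change that forwards `realloc` to `self.0` would let the inner allocator move and free the old copy without zeroizing it. I would add above each impl `// Do not forward realloc/grow/shrink to self.0: the trait defaults free the old block through our dealloc, which is what zeroizes it.` The two `slice::from_raw_parts_mut` calls also have no `// SAFETY:` comment; something like `// SAFETY: the caller guarantees ptr is a live block of layout.size() bytes obtained from this allocator` would state the contract they rely on. The module doc's "ensure *all* memory is zeroized" holds only for heap blocks that are actually freed through this allocator, so it should say that stack values, registers and anything still allocated when the process aborts or exits are out of scope.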